Storage of information in digital form often requires that the information be disclosed only to certain known entities, that the information not be modified except by known entities, and that those entities have assured access to the information. The confidentiality, integrity and accessibility of the information might be challenged by determined attackers who can take possession of some elements of the storage machinery, and who also might employ other strategies to compromise the mechanisms defending the confidentiality, integrity and accessibility of the data.
Encryption is the most common method to achieve data confidentiality. Such encryption mechanisms utilize a suitably chosen secret (the key) whose possession allows access to the meaning of the data; without this secret, the data is meaningless. However, protection of the key is essential to preserve confidentiality as well as accessibility, since the disclosure or loss of the key entails the disclosure or loss of the data. Also, the data in encrypted form can itself be lost or become unavailable, in which case the data is unavailable even to one in possession of the secret.
Replication and information dispersion are common methods to achieve data availability. Replication stores the data on several devices or at several locations, so that loss of data on one device or at one location does not prevent access to the data. Dispersion is a more sophisticated form of replication, in which the data is manipulated so that, say, each of three locations stores one half of the data in such a way that any two locations can reassemble the data from their respective halves. However, replication and dispersion do not provide confidentiality for the data, and in some ways make confidentiality less likely, as the data becomes available to more entities.
Various methods and systems use encryption together with replication or dispersion to secure digital information. When both confidentiality and accessibility are required, a layered solution is used, such as encrypting the data and then replicating the encrypted data. Secret sharing is also possible, in which confidentiality is achieved by dispersing both data and noise (randomly chosen data), so that there is no need for a key. However, secret sharing requires a great deal of storage overhead and the heavy use of randomly chosen data.
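The two preceding paragraphs contrast dispersion (availability without confidentiality) with secret sharing (confidentiality at the cost of storage and randomness). The following added example, which is not part of the original text and does not describe the method the text goes on to propose, makes that contrast concrete with two constructed 2-of-3 schemes: a simple XOR-parity dispersal, where each location holds half the plaintext, and a byte-wise Shamir secret sharing over GF(2^8), where every share is as large as the data and one random byte is consumed per data byte. The scheme choices, the GF(2^8) polynomial and the sample data are assumptions made for illustration.

```python
import secrets

# --- GF(2^8) arithmetic (AES reduction polynomial x^8+x^4+x^3+x+1), assumed for the example ---
def gf_mul(a: int, b: int) -> int:
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p

def gf_inv(a: int) -> int:
    # In GF(256) every nonzero a satisfies a^255 == 1, so a^254 is its inverse.
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r

# --- Dispersion: 2-of-3 XOR parity. Availability, but each piece is plaintext. ---
def disperse_2of3(data: bytes) -> dict:
    if len(data) % 2:
        raise ValueError("example requires an even-length input")
    half = len(data) // 2
    a, b = data[:half], data[half:]
    c = bytes(x ^ y for x, y in zip(a, b))      # parity piece
    return {1: a, 2: b, 3: c}

def reassemble_2of3(pieces: dict) -> bytes:
    # Any two of the three pieces suffice; a single piece already leaks half the data.
    if 1 in pieces and 2 in pieces:
        a, b = pieces[1], pieces[2]
    elif 1 in pieces and 3 in pieces:
        a = pieces[1]
        b = bytes(x ^ y for x, y in zip(a, pieces[3]))
    elif 2 in pieces and 3 in pieces:
        b = pieces[2]
        a = bytes(x ^ y for x, y in zip(b, pieces[3]))
    else:
        raise ValueError("need at least two distinct pieces")
    return a + b

# --- Secret sharing: k-of-n Shamir over GF(2^8), applied byte by byte. ---
def shamir_split(secret: bytes, k: int, n: int) -> dict:
    # (k-1) random coefficient bytes per secret byte: the "noise" the text refers to.
    coeffs = [secrets.token_bytes(len(secret)) for _ in range(k - 1)]
    shares = {}
    for x in range(1, n + 1):
        out = bytearray()
        for i, s in enumerate(secret):
            y, xpow = s, 1
            for c in coeffs:              # evaluate s + c1*x + c2*x^2 + ... at x
                xpow = gf_mul(xpow, x)
                y ^= gf_mul(c[i], xpow)
            out.append(y)
        shares[x] = bytes(out)
    return shares

def shamir_recover(shares: dict) -> bytes:
    # Lagrange interpolation at x = 0. With fewer than k shares the result is
    # uniformly random garbage, not an error: that is the confidentiality property.
    xs = list(shares)
    length = len(next(iter(shares.values())))
    out = bytearray()
    for i in range(length):
        y = 0
        for xj in xs:
            num, den = 1, 1
            for xm in xs:
                if xm != xj:
                    num = gf_mul(num, xm)          # (0 - xm) == xm in characteristic 2
                    den = gf_mul(den, xj ^ xm)     # (xj - xm)
            y ^= gf_mul(shares[xj][i], gf_mul(num, gf_inv(den)))
        out.append(y)
    return bytes(out)

def storage_overhead(pieces: dict, data: bytes) -> float:
    # Total bytes stored across all locations divided by the size of the data.
    return sum(len(p) for p in pieces.values()) / len(data)

if __name__ == "__main__":
    data = b"constructed sample payload!!"   # constructed input, 28 bytes
    d = disperse_2of3(data)
    print("dispersion overhead:", storage_overhead(d, data), "piece 1 is plaintext:", d[1] in data)
    s = shamir_split(data, 2, 3)
    print("shamir overhead:", storage_overhead(s, data), "random bytes used:", len(data))
    print("two shares recover:", shamir_recover({1: s[1], 3: s[3]}) == data)
```

Running the script shows the trade-off the text describes: the dispersal stores 1.5x the data and any single piece is readable plaintext, while the 2-of-3 Shamir split stores 3x the data, consumed as many random bytes as the data is long, and reveals nothing to a holder of one share.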
No current methods or apparatus have been suggested or implemented that achieve both confidentiality and accessibility without the vulnerability introduced by the requirements of key management or without including a large burden for storage of random data for the purpose of hiding the actual data.
Therefore, a need exists for a method and system of protecting data such that the confidentiality and availability of the data are provided while being tolerant to inaccessibility or disclosure of some portion of the data, without requiring key secrecy.